“We keep moving forward, opening new doors, and trying new things, because we are curious, and curiosity keeps leading us down new paths.” Walt Disney
“Creativity takes courage.” Henri Matisse
Ovidiu Vermesan Joël Bacquet
DEI 4 main actions.
Overall EU IoT strategy.
IoT-EPI Task Forces.
Focus Area on Digitization.
NGI Key Pillars.
Inter-IoT Multi-layer architecture.
Next Generation IoT Hyperconnected: 6As and 6Cs.
Next Generation IoT evolution.
Next Generation IoT technology convergence.
Tactile Internet of Things model.
Tactile Internet of Things representation.
Tactile Internet of Things interactions.
New applications for NGI and IoT/IIoT.
Digital Twin representation.
How Cloud IoT Edge works.
Gartner’s Hype Cycle for emerging technologies 2018.
Artificial Intelligence Roadmap.
Outcomes of Artificial Intelligence.
Artificial Intelligence methods.
AI dependency on market size, pain points, and willingness to pay across different industries.
Machine Learning (ML) and Deep Learning (DL) technology multi-layered stack.
Key AI innovations according to the IDATE Technology 2025 survey.
AI adoption/maturity vs. value at stake.
Use of unstructured deep learning in the analysis of hospital patient data.
AI and IoT/IIoT requirements for complex system integrated systems.
Bandwidth and delay for services enabled by legacy networks and 5G.
End-to-End Network Slicing for Multiple Industries Based on One Physical Infrastructure.
Frequency ranges being studied for identification at World Radio Communication Conference 2019.
Factors that could impact commercial adoption of Network Slicing.
G Applications Market Potential and Readiness Matrix.
G use in different industrial application areas.
Key requirements for connectivity for factory of the future automation.
International Mobile Telecommunications system requirements for the year 2020 (IMT-2020) mapped to 5G use cases.
Global number of connected IoT devices.
Evolution of the blockchain.
Combining blockchain technology and the IoT with the use of IBM Watson and blockchain platforms.
Using blockchain and the IoT to improve operations in the aviation industry.
D IoT Layered Architecture.
Total number of active device connections worldwide.
The importance of Business Model Innovation with respect to external changes in the environment.
ACTIVAGE Reference Architecture.
IoT device assets and STRIDE representation.
Privacy methodology.
Process for carrying out a DPIA.
Raspberry PI model 3 with TPM dedicated hat in white.
ACTIVAGE monitoring platform – BaaS platform architectural overview.
Request permissions for accessing personal data.
INTER-IoT multi-layered architecture.
Semantic Inter-Platform Ontology-to-Ontology translation through IPSM.
Process schema of INTER-METH.
MW2MW structure.
Gateway structure and inner components.
INTER-Health pilot.
INTER-Health: BodyCloud and UniversAAL integration.
INTER-Health System overview.
INTER-LogP use case approach.
Integration of IoT platforms of different port stakeholders through INTER-IoT.
High-level view of the access control pilot.
High-level scheme of the pilot for health accident assistance in port areas.
AHA Interoperable DS (Smart Home Clusters).
AHA Architecture for Interoperability.
MONSOON Reference Architecture.
Functional View of Plant Operational Platform.
Functional View of Cross Sectorial Data Lab Platform.
Components Mapping to Open-source Technologies.
Containerization of Big Data Storage and Analytics Platform.
Deployment view of Plant Operational Platform.
Increase in cycle time and decrease in plastification at the same time. The same pattern has repeated multiple times in the unlabelled set of plastic data. CycCycTim is cycle time and CycPlstTim is plastification time.
Intra-factory interoperability layer components and dependencies.
LinkSmart
Example application of GADPL.
The high-level BRAIN-IoT concept.
BRAIN-IoT development concept.
BRAIN-IoT deployment concept.
Iterative risk analysis methodology.
Decentralised security and privacy capabilities.
ENACT support of DevOps for trustworthy smart IoT systems.
Key concepts of the IoTCrawler proposal.
Overall architecture of the IoTCrawler framework.
IoTCrawler use cases at a glance.
Overview of SecureIoT Architecture.
Layers of SecureIoT systems.
SEMIoTICS architecture (deployment and logic views).
The structure of layered SerIoT architecture.
SOFIE Secure and Open Federation Architecture.
Three SOFIE pilots.
Myron Krueger’s Video Place (1974), and the Sony EyeToy (2003).
Michael Naimark & MIT ArchMac’s Aspen Movie Map (1978–1980), and Google Street View (2007–).
Jeffrey Shaw’s Legible City (1988) and E-fitzone exercise equipment (2008).
Art+Com’s Terravision (1996) and Google’s Google Earth (2001, 2005–).
Key critical IoT communications requirements
Vertical industrial sectors – key requirements for critical IoT communications
STRIDE
DREAD ranking definition
DREAD ranking evaluation and analysis
Basic strategy analysis
Examples where DPIA is required
GDPR Analysis in view of its implementation
DREAD impact assessment
Classification results of different predictive models
BRAIN-IoT technical objectives
Source: Adapted from Prof Eckehard Steinbach, TU Munich.
Source: Adapted from 5G LAB.
Source: Adapted Deloitte University Press.
Source: Constellation Research.
Source: Adapted from McKinsey & Company, [46].
Source: Adapted from McKinsey & Company, [46].
Source: IDATE DigiWorld.
Source: Adapted from McKinsey & Company, [46].
Source: Nature/Mount Sinai Hospital.
Source: Adapted from [95].
Requirements | Details |
Reliability | High availability of the network; low packet losses |
Resilience | Ability to function in degraded conditions; low convergence time |
Energy efficiency | Projected lifespan of equipment batteries |
Low latencies | End-to-end latencies of communication systems under 10 ms and sometimes lower (under 5 ms or even under 1 ms). |
Coverage | Coverage of a very large area (rural); deep indoor coverage; coverage of moving vehicles; ability to deploy and use private networks |
Security | Authentication of communications; encryption of communications; attack detection |
Capacity | Ability of the network to operate with a very large number of users |
Source: IDATE.
Verticals | Critical IoT Scenarios | Demand Strength | Key Requirements |
Automotive | Automated cars | | Latency, reliability, coverage (large scale and mobility), point-to-point communication (V2V, V2I) |
Health | Robotics | | Latency, reliability, energy efficiency. |
Industrial IoT | Automation, time-critical automation, remote control | | Latency, reliability, coverage (deep indoor), point-to-point communication, energy efficiency and local (private) deployments |
Energy | Fault prevention and alert, grid backhaul network | | Latency, reliability, point-to-point communication, large-scale coverage |
Public safety | Mission-critical communications | | Reliability, coverage, resilience, energy efficiency. |
Agriculture, forestry, environment | Automation | | Latency, reliability, energy efficiency, coverage of rural areas |
Source: IDATE.
Source: Adapted from IDATE DigiWorld, Blockchain, October 2016.
Threat | Concerned Security Property |
Authentication | |
Integrity | |
Non-repudiation | |
Confidentiality | |
Availability | |
Authorization |
Risk | Risk Property | Description/point |
How great can the damage be? | 1pt (low): Leaking trivial information; 2pts (medium): Leaking sensitive information; 3pts (high): Can subvert the security system | |
How easy to reproduce? | 1pt (low): Very difficult to reproduce, even with knowledge of the security hole; 2pts (medium): Can be |
|
How easy to realize this threat? | 1pt (low): Requires an extremely skilled person and in-depth knowledge every time to exploit; 2pts (medium): A skilled programmer could make the attack, then repeat the steps; 3pts (high): A novice programmer could make the attack in a short time | |
How many users are affected? | 1pt (low): Very small % of users, obscure feature; affects anonymous users; 2pts (medium): Some users, non-default configuration; 3pts (high): All users, default configuration, key customer | |
How easy to find this vulnerability? | 1pt (low): The bug is obscure, and it’s unlikely that users will work out damage potential; 2pts (medium): Located in a seldom-used part, and only a few users should come across it; 3pts (high): The vulnerability is located in the most commonly used feature and is very noticeable |
Threat Applicable | DREAD Rate Evaluation | Analysis |
Spoofing | 2,3,2,2,1 → 2 | Weak Password |
Tampering | 3,2,1,2,1 → 1.8 | |
Repudiation | 1,2,2,2,1 → 1.6 | |
Information disclosure | 3,2,1,2,1 → 1.8 | |
Denial of Service | 3,3,3,1,1 → 2.2 | Physical port accessible |
Elevation of Privilege | 3,2,2,1,1 → 1.8 |
Threat Applicable | Risk | Strategy | DREAD Rate |
Spoofing | Mitigate | Secure boot process | 2,2,2,2,1 → 1.8 |
Tampering | Accepted | | 3,2,1,2,1 → 1.8 |
Repudiation | Accepted | | 1,2,2,2,1 → 1.6 |
Information disclosure | Accepted | | 3,2,1,2,1 → 1.8 |
Denial of Service | Mitigate | All non-used ports are physically inaccessible | 3,2,1,1,1 → 1.6 |
Elevation of Privilege | Accepted | | 3,2,2,1,1 → 1.8 |
Examples of Processing | Possible Relevant Criteria | DPIA Required? |
A hospital processing its patients’ genetic and health data (hospital information system). | Yes | |
The use of a camera system to monitor driving behavior on highways. The controller envisages using an intelligent video analysis system to single out cars and automatically recognize license plates. | Yes | |
A company monitoring its employees’ activities, including the monitoring of the employees’ work station, internet activity, etc. | Yes | |
An online magazine using a mailing list to send a generic daily digest to its subscribers. | — | Not necessarily |
Type of Article | Provided Function or Service | GDPR Article |
Legal/Principle | ||
Legal/Technical | Establish access controls and protected regulated data. | |
Legal/technical | Establish access controls and protected regulated data. | |
Legal/technical | Establish access controls and protected regulated data. | |
Technical | Automatically discover and classify GDPR affected data | |
Technical | Audit and Traces control, protection against cyber-attacks and internal threats | |
Technical | Establish access controls and protected regulated data. | |
Legal/technical | Management of incidents and notifications | |
Security Review | ||
Accountability | Governance |
Threat Class | STRIDE Security Property | DREAD Rate | Mitigation Choices | Mitigation Technology | New DREAD Rate |
T | Integrity (I) | 2,2,2,1,2 => 1.8 | Data storage shall be tamper-resistant; file system shall be adapted to the technology (read/write cycles); data shall be backed up | Use a secure element to store security information in order to: encrypt application’s partition; manage strong authentication at network level and application level | 2,2,2,1,2 => 1.8 |
R | Confidentiality(C) | 2,2,2,1,2 => 1.8 | Read and write operation shall require authentication | 2,1,1,1,2 => 1.4 | |
I | Confidentiality(C) | 3,2,3,2,3 => 2.6 | Data storage shall be encrypted | 1,1,1,1,2 => 1.2 | |
D | Availability(A) | 2,2,2,1,2 => 1.8 | Removable storage devices shall be proscribed; data storage resources shall be monitored to avoid being saturated | 2,2,2,1,2 => 1.8 | |
E | Authorization(I) | 3,2,2,2,2 => 2.2 | Write and Read permission shall be tuned in the file system | 1,1,1,1,2 => 1.2 |
Notations | Abbreviations |
API | Application Programming Interface |
IoT | Internet of Things |
BSN | Body Sensor Network |
AAL | Ambient Assisted Living |
SaaS | Software as a Service |
ITS | Intelligent Transportation System |
EWS | Emergency Warning System |
AHA | Active and Healthy Ageing |
LSP | Large Scale Pilot |
DS | Deployment Site |
Model | Balanced Accuracy | Precision | Recall | F1 score |
k-NN | 0.697 | 0.638 | 0.686 | 0.657 |
Naïve Bayes | 0.643 | 0.604 | 0.563 | 0.578 |
CART | 0.637 | 0.595 | 0.566 | 0.573 |
Random Forest | 0.653 | 0.619 | 0.570 | 0.589 |
SVM (linear) | 0.632 | 0.626 | 0.488 | 0.540 |
SVM (RBF) | 0.663 | 0.643 | 0.563 | 0.594 |
Technical Objective (TO) | Description |
BRAIN-IoT approach to interoperability is based on the adoption of shared semantic models, dynamically linked to concrete IoT devices (sensors, actuators, controls, etc.) operating autonomously in complex scenarios. Binding of models to concrete implementations leverages mapping to open industry standards for semantic device description. | |
Building upon shared models (TO1) BRAIN-IoT facilitates the deployment of smart cooperative behaviour, realized by means of modular AI/ML features which can be dynamically deployed to heterogeneous IoT devices in mixed edge/cloud IoT environments. Smart behaviour features are enriched by distributed data processing, federated learning, virtualization/aggregation of data/events/objects, resolution of mixed-criticality situations and conflicts, verification and context-aware self-adaptation of connectivity and real-time event-oriented, reactive approaches. | |
This is achieved by leveraging fully de-centralized peer-to-peer approaches providing linkage between modular, ad-hoc IoT self-hosted and cloud-based services through existing open standards. | |
BRAIN-IoT introduces a holistic end-to-end trust framework for IoT platforms suitable to be employed in scenarios characterized by strict security and safety requirements, associated with actuation and semi-autonomous operations, and by special needs for secure identification, authentication of data and devices, encryption, non-deniability, as well as detection of cyber-attacks and protection against them. This is done by adopting established security protocols, combined with distributed security approaches derived from peer-to-peer systems, e.g. blockchain. | |
BRAIN-IoT develops new patterns for interaction between users and IoT solutions, leveraging semantic mapping of privacy requirements towards data and service models in use in each specific use case, introducing privacy-related APIs and models. This enables the possibility to programmatically inform users about privacy policies in place, as well as enabling them to exercise fine-grained privacy controls. | |
BRAIN-IoT provides tools to ease rapid prototyping (development, integration) of smart cooperative IoT systems. This is achieved by extending available tools for development, integration, commissioning and management of IoT and Cyber-Physical systems. | |
BRAIN-IoT enables end-users to dynamically commission and reconfigure their modular IoT instances, choosing among the available platforms, module implementations and services. This is achieved by extending existing open marketplaces of IoT services and data, together with available catalogues providing open IoT enablers, and integrating them with its federation framework. |
Notations | Abbreviations |
AAA | Authentication, Authorisation and Accounting |
ABE | Attribute-Based Encryption |
CP-ABE | Ciphertext-Policy Attribute-Based Encryption |
DHT | Distributed Hash Table |
IoT | Internet of Things |
JSON-LD | JavaScript Object Notation for Linked Data |
KPI | Key Performance Indicator |
QoS | Quality of Service |
QoI | Quality of Information |
OMB | Overlay Management Backbone |
RDF | Resource Description Framework |
RDQL | RDF Data Query Language |
TEEs | Trusted Execution Environments |
API | Application Programming Interface |
bD | by-Design |
CE | Circular Economy |
E2E | End-to-End |
GDPR | General Data Protection Regulation |
EU | European Union |
ICT | Information Communication Technologies |
IoT | Internet of Things |
IIoT | Industrial IoT |
ML | Machine Learning |
NFV | Network Function Virtualization |
SDN | Software-Defined Networking |
SPDI | Security, Privacy, Dependability and Interoperability |
“The ability to produce art was an indication that humans had begun to think in more abstract terms. It’s a thought process that enabled us to come up with the science and technology that enabled our species to become so successful.” BBC article by Pallab Ghosh, Oct. 2014 [2]
I now dive and ascend as a glass. I bring up that image of internal water. Poem pen dissolved in the primordial direction of the poem. Or the poem going up the pen, passing through its own impulse, poem returning.
We could carry on our shoulders a machine that thinks, or rather a machine that detects ideas that roam around the world. Agostinho da Silva, 1990. https://arquivos.rtp.pt/conteudos/conversa-com-baptista-bastos/ from minute 22 onwards. (last accessed on 13/08/2017) Translated by Luis Miguel Girao.
“But it was just this distinction between abstract knowledge and knowledge of perception, entirely overlooked by Kant, which the ancient philosophers denoted by noumena and phenomena. (See Sextus Empiricus, Outlines of Pyrrhonism, Book I, Chapter [8]., ‘What is thought (noumena) is opposed to what appears or is perceived (phenomena).’) This contrast and utter disproportion greatly occupied these philosophers in the philosophemes of the Eleatics, in Plato’s doctrine of the Ideas, in the dialectic of the Megarics, and later the scholastics in the dispute between nominalism and realism, whose seed, so late in developing, was already contained in the opposite mental tendencies of Plato and Aristotle. But Kant who, in an unwarrantable manner, entirely neglected the thing for the expression of which those words phenomena and noumena had already been taken, now takes possession of the words, as if they were still unclaimed, in order to denote by them his things-in-themselves and his phenomena”
“Art is Life, Life is Art” Wolf Vostell (1932–1998)
“Self-driving cars bring together a bunch of really interesting technologies – such as machine vision and intelligence – with crucial social issues such as the atomization and changing nature of labour, the shift of power to corporate elites and Silicon Valley, and the quasi-religious faith in computation as the only framework for the production of truth – and hence, ethics and social justice. (…) The attempt to build my own car is a process of understanding how the dominant narratives of these technologies are produced, and could be changed.”
“I struggled to justify the value of new-media arts research to an audience of Silicon Valley business people; while simultaneously, some new-media artist friends of mine discovered that their work had been ‘appropriated’ by a large corporation.”